CVE-2024-4159
published 2024-04-25CVE-2024-4159: Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav…
PriorityP431medium5.3CVSS 3.1
AVNACLPRNUINSUCLINAN
EPSS
0.52%
40.0th percentile
Brocade SANnav before v2.3.0a lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated attacker to sniff the SANnav Docker information.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| broadcom | brocade_sannav | < 2.3.0a | 2.3.0a |
| brocade | brocade_sannav | — | — |
CVSS provenance
nvdv3.15.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
vendor_redhat5.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-26w9-32mp-48g9: Brocade SANnav before Brocade SANnav v2
ghsa_unreviewed·2024-04-25
CVE-2024-4159 [HIGH] CWE-200 GHSA-26w9-32mp-48g9: Brocade SANnav before Brocade SANnav v2
Brocade SANnav before Brocade SANnav v2.3.1 lacks protection mechanisms on port 2377/TCP and 7946/TCP, which could allow an unauthenticated, remote attacker to reach Kafka APIs and send malicious data.
Red Hat
kernel: Bluetooth: Call iso_exit() on module unload
vendor_redhat·2024-10-29·CVSS 5.5
CVE-2024-50078 [MEDIUM] CWE-787 kernel: Bluetooth: Call iso_exit() on module unload
kernel: Bluetooth: Call iso_exit() on module unload
In the Linux kernel, the following vulnerability has been resolved:
Bluetooth: Call iso_exit() on module unload
If iso_init() has been called, iso_exit() must be called on module
unload. Without that, the struct proto that iso_init() registered with
proto_register() becomes invalid, which could cause unpredictable
problems later. In my case, with CONFIG_LIST_HARDENED and
CONFIG_BUG_ON_DATA_CORRUPTION enabled, loading the module again usually
triggers this BUG():
list_add corruption. next->prev should be prev (ffffffffb5355fd0),
but was 0000000000000068. (next=ffffffffc0a010d0).
------------[ cut here ]------------
kernel BUG at lib/list_debug.c:29!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP PTI
CPU: 1 PID: 4159 Comm: modprobe Not tainte
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-04-25
Published